FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

nginx -- potential information leak

Affected packages
nginx < 1.0.14,1
nginx-devel < 1.1.17

Details

VuXML ID 29194cb8-6e9f-11e1-8376-f0def16c5c1b
Discovery 2012-03-15
Entry 2012-03-15

nginx development team reports:

Matthew Daley recently discovered a security problem which may lead to a disclosure of previously freed memory on specially crafted response from an upstream server, potentially resulting in sensitive information leak.

References

URL http://nginx.net/CHANGES